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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the 

application: 

LISTING OF CLAIMS: 

1 . (Previously Presented) A storage apparatus, comprising: 

a processor; 
a memory; 

at least one storage device accessible over a network by at least one network entity; 

a storage controller, coupled to the at least one storage device; 

a network interface connectable to the virtual local area network (VLAN) switch; 

wherein the processor is at least intermittently coupled to the memory, the storage 
controller and the network interface; 

wherein the memory comprises configuration information including a correspondence 
between at least one segment of a virtual local area network (VLAN) connectable by the network 
interface and at least one virtual volume of the at least one storage device; 

wherein the processor, the memory, the storage controller and the network interface are 
operable to control the virtual local area network (VLAN) switch to map the at least one segment 
to the at least one virtual volume based upon the configuration information; and 

wherein at least one of the processor or the network interface control access to the at least 
one virtual volume based upon the configuration information. 

2. (Original) The apparatus of claim 1 , 
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further comprising an out of band management interface connectable to a second 
network. 

3. (Original) The apparatus of claim 1 , 

wherein the network interface connectable to a virtual local area network (VLAN) switch 
comprises an interface to a VLAN trunk line. 

4. (Original) The apparatus of claim 3, 

wherein information carried by the VLAN trunk line is identified using an embedded tag. 

5. (Previously Presented) The apparatus of claim 1 , 

wherein the network interface connectable to a virtual local area network (VLAN) switch 
comprises an interface to a VLAN switch, the VLAN switch connectible to at least one host 
computer via at least one VLAN access link. 

6. (Previously Presented) The apparatus of claim 5, 

wherein information carried by the at least one VLAN access link comprises untagged 

frames. 

7. (Previously Presented) The apparatus of claim 6, 

wherein information carried by the at least one VLAN access link is identified using a 
VLAN Identifier of a receiving port. 

8. (Previously Presented) The apparatus of claim 6, 
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wherein information carried by the at least one VLAN access link is identified using a 

Media Access Control (MAC) address. 

9. (Original) The apparatus of claim 6, 
wherein an untagged frame comprises: 

a preamble field; 
a source MAC field; 
a destination MAC field; 
a type field; 
a data field; and 
a CRC field. 

10. (Previously Presented) A method, comprising: 

separating logically a local area network into a plurality of virtual local area networks, 
including a first virtual local area network and a second virtual local area network; 

separating logically a storage device accessible over the local area network by at least one 
network entity into a plurality of virtual volumes, including a first virtual volume and a second 
virtual volume; 

managing a configuration comprising a mapping of the first virtual local area network to 
the first virtual volume and the second virtual local area network to the second virtual volume; 
and 
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routing information from the first virtual local area network to the first virtual volume 
and the second virtual local area network to the second virtual volume and preventing 
communication from the first virtual local area network to the second virtual volume and from 
the second virtual local area network to the first virtual volume based upon the configuration; 

wherein the managing, routing and preventing is performed by the storage device. 

1 1 . (Original) The method of claim 10, 
further comprising at least one of: 

configuring network parameters; 
configuring a new file system; 
configuring a designated file system; and 
deleting a designated file system. 

12. (Original) The method of claim 10, 
further comprising at least one of: 

updating a management interface IP address; 
updating a physical network interface IP address; 
updating a VLAN interface IP address and a VLAN tag; 
deleting a designated VLAN interface; and 
adding a new VLAN interface. 

13. (Original) The method of claim 10, 
further comprising at least one of: 
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adding a VLAN to a file system; 

removing a VLAN from the file system; 

adding a volume to the file system; and 

removing a volume from the file system. 

14. (Original) The method of claim 1 0, 
further comprising: 

authenticating user authority. 

1 5 . (Currently Amended) A computer program product embodied in a computer- 
readable medium , comprising: 

code for sending and receiving tagged frames to and from a network interface; 

code for managing a file system accessible over a network by at least one network entity; 

code for managing a virtual volume within the file system; 

code for controlling data transfer between the network interface and a storage controller 
of the file system; 

code for managing a configuration comprising a mapping of the virtual volume to a 
virtual local area network; 

code for routing information from the virtual local area network to the virtual volume in 
the file system and preventing communication from at least one other virtual local area network 
to the virtual volume based upon a configuration; and 



Atty. Docket No.: CA1469 (HAL 200) 
PATENT APPLICATION 

RESPONSE UNDER 37 C.F.R. §1.111 
U.S. Application No.: 09/996,308 

a computer readable storage medium for holding the codes, wherein the managing of the 

configuration, routing and preventing are performed by a storage device hosting the file system. 

16. (Original) The computer program product of claim 15, 
further comprising at least one of: 

code for receiving configuration information for the file system; 

code for receiving configuration information for the virtual volume; and 

code for receiving configuration information for the virtual local area network. 

1 7. (Original) The computer program product of claim 16, 
further comprising at least one of: 

code for updating configuration information for the file system; 

code for updating configuration information for the virtual volume; and 

code for updating configuration information for the virtual local area network. 

18. (Previously Presented) A network storage apparatus, comprising: 
a means for processing information; 

a means for connecting to a virtual local area network (VLAN) switch; 

wherein the means for processing and the means for connecting to a virtual local area 
network (VLAN) switch are connectable to a storage device accessible over a network by at least 
one network entity having at least one virtual volume mapped to at least one segment of a virtual 
local area network (VLAN) based upon configuration information managed by the processing 
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means, thereby preventing communication between another segment of another VLAN and the at 
least one virtual volume. 

19. {Previously Presented) A storage apparatus, comprising: 
a means for processing information; 

a means for storing data accessible over a network by at least one network entity; 
a means for controlling storing of data; 

a means for connecting to a virtual local area network (VLAN) switch; 

wherein the means for processing, the means for controlling storing of information and 
the means for connecting to a virtual local area network (VLAN) switch map at least one 
segment of a virtual local area network (VLAN) to at least one virtual volume of the means for 
storing data based upon configuration information and prevent communication between another 
segment of another VLAN and the at least one virtual volume. 

20. {Previously Presented) A system, comprising: 
a storage device; 

a virtual local area network (VLAN) switch, coupled to the storage device such that the 
storage device is accessible over a network by at least one network entity; and 

at least one segment coupled to the virtual local area network (VLAN) switch via at least 
one virtual local area network; 

wherein the storage device is operable to map the at least one segment of the at least one 
virtual local area network to at least one virtual volume of the storage device based upon 
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configuration information, and is operable to prevent another segment of another VLAN from 
communicating with the at least one virtual volume of the storage device. 

21 . (Previously Presented) A method of controlling accesses from servers to a 
network storage subsystem, wherein the network storage subsystem is connected to a virtual 
local area network (VLAN) switch via a VLAN switch and receives access requests from the 
servers via the VLAN switch, the method comprising the steps of: 

allocating a dedicated storage resource accessible over a network by at least one network 

entity to each VLAN segment, 

receiving a Internet Protocol (IP) packet based access from a server, 

determining a VLAN segment that the server belongs to, based on a VLAN identification 

in the IP packet, and 

permitting the server to access the dedicated storage resource allocated to the VLAN 
segment that the server belongs to, and preventing another server that does not belong to the 
VLAN segment from accessing the dedicated storage resource based on configuration 
information managed by the network storage subsystem; 

wherein the determining, permitting and preventing are performed by the network storage 
subsystem. 

22. (Previously Presented) A method, comprising: 
separating a virtual LAN into a plurality of segments; 
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managing a mapping of each one of the plurality of segments to a storage device 

accessible over a network by at least one network entity; 

assigning at least one virtual volume to each one of the plurality of segments; and 
controlling access to a virtual volume, such that the virtual volume will communicate 

only with a segment to which it is assigned; wherein the managing and controlling is performed 

by the storage device. 



